package com.yangxinxin.lesson.shiro;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.util.StringUtils;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/** @Author yangxinxin
 * @Description //TODO 
 * @Date 16:07 2020/2/29
 * @Param 
 * @return 
 **/
//先使用模拟数据数据
public class CustomRealm  extends AuthorizingRealm {
    /*
    *mock数据 用户信息
    * @Param principleCollection
    * @Retuen
    *
     */
    private  Map<String,String> userMap = new HashMap<>();
    {//模拟用户数据
        userMap.put("admin","123456");

        userMap.put("test","123456");
    }
    @Override//2.拿到用户的角色或者权限
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("开始执行*******doGetAuthorizationInfo方法啦****");
        String username =  (String )principalCollection.getPrimaryPrincipal();
        List<String> roles = getRoleByUserName(username);
        List<String> permissions = getPermissionByUsername(username);
        //创建AuthorizationInfo，并设置角色和权限信息
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        info.addStringPermissions(permissions);
        info.addRoles(roles);
        return info;
    }
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
      //用户认证数据
        //拿到用户信息，调用服务层的数据，从token中拿到用户名，和密码，送入进行比对
        System.out.println("开始执行*******doGetAuthenticationInfo方法啦****");
        String username = (String)authenticationToken.getPrincipal();//拿到用户名称
        String password = getPasswordByUsername(username);
        if (StringUtils.isEmpty(password)){
             return  null;
        }

       //SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(username,password,getName());
        //SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(username,getMatcherPassword(password),getName());
        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(username,getMatcherPassword(password,username),getName());

        info.setCredentialsSalt(ByteSource.Util.bytes(username));
       return info;
    }
    /*
    * 获得一个密文的密码
    *
    * *///明文的密码
//        private String getMatcherPassword(String password){
//        return new Md5Hash(password,null,2).toString();
//    }

    private String getMatcherPassword(String password,String salt){
        return new Md5Hash(password,salt,2).toString();
    }

    private  String getPasswordByUsername(String username){
       /** @Author yangxinxin
        * @Description //TODO 通过用户名拿到密码  通过用户名查询密码，模拟数据库查询
        * @Date 16:33 2020/2/29
        * @Param [username]
        * @return java.lang.String
        **/
        return  userMap.get(username);//拿到密码
    }

    private List<String> getRoleByUserName(String username){
        /** @Author yangxinxin
         * @Description //TODO 根据用户名获取用户权限信息
         * @Date 17:06 2020/2/29
         * @Param [username]
         * @return java.util.List<java.lang.String>
         **/
        //
        List<String>  roles =  new ArrayList<>();
        //
        if (username.equals("admin")){
            roles.add("admin");
        }
        roles.add("test");
        return  roles;
    }

    private  List<String> getPermissionByUsername(String username){
        /** @Author yangxinxin
         * @Description //TODO 根据用户名获取权限
         * @Date 17:06 2020/2/29
         * @Param [username]
         * @return java.util.List<java.lang.String>
         **/
        List<String> permissions = new ArrayList<>();
        if (username.equals("admin")){
            permissions.add("*");
        }
        permissions.add("user:list");
        permissions.add("user:delete");
        permissions.add("user:edit");
        return  permissions;
    }
}
